Merge pull request #918 from ThanatosDi/feat/simplify-env-settings
feat: simplify env settings
This commit is contained in:
Khor Shu Heng
GitHub
commit
aea83801f7
47
deploy.env
47
deploy.env
|
|
@ -1,21 +1,35 @@
|
|||
# This file is a template for docker compose deployment
|
||||
# Copy this file to .env and change the values as needed
|
||||
|
||||
# PostgreSQL default user password
|
||||
POSTGRES_PASSWORD="changepassword"
|
||||
# PostgreSQL Settings
|
||||
POSTGRES_HOST=postgres
|
||||
POSTGRES_USER=postgres
|
||||
POSTGRES_PASSWORD=changepassword
|
||||
POSTGRES_PORT=5432
|
||||
POSTGRES_DB=postgres
|
||||
|
||||
# Supabase user settings
|
||||
SUPABASE_USER=supabase_auth_admin
|
||||
SUPABASE_PASSWORD=root
|
||||
|
||||
# Redis Settings
|
||||
REDIS_HOST=redis
|
||||
REDIS_PORT=6379
|
||||
|
||||
# AppFlowy Cloud
|
||||
## URL that connects to the gotrue docker container
|
||||
APPFLOWY_GOTRUE_BASE_URL=http://gotrue:9999
|
||||
## URL that connects to the postgres docker container
|
||||
APPFLOWY_DATABASE_URL=postgres://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres
|
||||
APPFLOWY_DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
|
||||
APPFLOWY_ACCESS_CONTROL=true
|
||||
APPFLOWY_WEBSOCKET_MAILBOX_SIZE=6000
|
||||
APPFLOWY_DATABASE_MAX_CONNECTIONS=40
|
||||
## URL that connects to the redis docker container
|
||||
APPFLOWY_REDIS_URI=redis://${REDIS_HOST}:${REDIS_PORT}
|
||||
|
||||
# admin frontend
|
||||
## URL that connects to redis docker container
|
||||
ADMIN_FRONTEND_REDIS_URL=redis://redis:6379
|
||||
ADMIN_FRONTEND_REDIS_URL=redis://${REDIS_HOST}:${REDIS_PORT}
|
||||
## URL that connects to gotrue docker container
|
||||
ADMIN_FRONTEND_GOTRUE_URL=http://gotrue:9999
|
||||
|
||||
|
|
@ -52,33 +66,34 @@ GOTRUE_ADMIN_PASSWORD=password
|
|||
# Change this to your own domain where you host the docker-compose or gotrue
|
||||
# If you are using a different domain, you need to change the redirect_uri in the OAuth2 configuration
|
||||
# Make sure that this domain is accessible to the user
|
||||
# Make sure no endswith /
|
||||
API_EXTERNAL_URL=http://your-host
|
||||
|
||||
# In docker environment, `postgres` is the hostname of the postgres service
|
||||
# GoTrue connect to postgres using this url
|
||||
GOTRUE_DATABASE_URL=postgres://supabase_auth_admin:root@postgres:5432/postgres
|
||||
GOTRUE_DATABASE_URL=postgres://${SUPABASE_USER}:${SUPABASE_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
|
||||
|
||||
# Refer to this for details: https://github.com/AppFlowy-IO/AppFlowy-Cloud/blob/main/doc/AUTHENTICATION.md
|
||||
# Google OAuth2
|
||||
GOTRUE_EXTERNAL_GOOGLE_ENABLED=false
|
||||
GOTRUE_EXTERNAL_GOOGLE_CLIENT_ID=
|
||||
GOTRUE_EXTERNAL_GOOGLE_SECRET=
|
||||
GOTRUE_EXTERNAL_GOOGLE_REDIRECT_URI=http://your-host/gotrue/callback
|
||||
GOTRUE_EXTERNAL_GOOGLE_REDIRECT_URI=${API_EXTERNAL_URL}/gotrue/callback
|
||||
# GitHub OAuth2
|
||||
GOTRUE_EXTERNAL_GITHUB_ENABLED=false
|
||||
GOTRUE_EXTERNAL_GITHUB_CLIENT_ID=
|
||||
GOTRUE_EXTERNAL_GITHUB_SECRET=
|
||||
GOTRUE_EXTERNAL_GITHUB_REDIRECT_URI=http://your-host/gotrue/callback
|
||||
GOTRUE_EXTERNAL_GITHUB_REDIRECT_URI=${API_EXTERNAL_URL}/gotrue/callback
|
||||
# Discord OAuth2
|
||||
GOTRUE_EXTERNAL_DISCORD_ENABLED=false
|
||||
GOTRUE_EXTERNAL_DISCORD_CLIENT_ID=
|
||||
GOTRUE_EXTERNAL_DISCORD_SECRET=
|
||||
GOTRUE_EXTERNAL_DISCORD_REDIRECT_URI=http://your-host/gotrue/callback
|
||||
GOTRUE_EXTERNAL_DISCORD_REDIRECT_URI=${API_EXTERNAL_URL}/gotrue/callback
|
||||
# Apple OAuth2
|
||||
GOTRUE_EXTERNAL_APPLE_ENABLED=false
|
||||
GOTRUE_EXTERNAL_APPLE_CLIENT_ID=
|
||||
GOTRUE_EXTERNAL_APPLE_SECRET=
|
||||
GOTRUE_EXTERNAL_APPLE_REDIRECT_URI=http://your-host/gotrue/callback
|
||||
GOTRUE_EXTERNAL_APPLE_REDIRECT_URI=${API_EXTERNAL_URL}/gotrue/callback
|
||||
|
||||
# File Storage
|
||||
# Create the bucket if not exists on AppFlowy Cloud start up.
|
||||
|
|
@ -130,26 +145,26 @@ NGINX_TLS_PORT=443
|
|||
APPFLOWY_AI_OPENAI_API_KEY=
|
||||
APPFLOWY_AI_SERVER_PORT=5001
|
||||
APPFLOWY_AI_SERVER_HOST=ai
|
||||
APPFLOWY_AI_DATABASE_URL=postgresql+psycopg://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres
|
||||
APPFLOWY_AI_DATABASE_URL=postgresql+psycopg://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
|
||||
APPFLOWY_LOCAL_AI_TEST_ENABLED=false
|
||||
|
||||
# AppFlowy History
|
||||
APPFLOWY_GRPC_HISTORY_ADDRS=http://localhost:50051
|
||||
APPFLOWY_HISTORY_REDIS_URL=redis://redis:6379
|
||||
APPFLOWY_HISTORY_DATABASE_URL=postgres://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres
|
||||
APPFLOWY_HISTORY_REDIS_URL=redis://${REDIS_HOST}:${REDIS_PORT}
|
||||
APPFLOWY_HISTORY_DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
|
||||
|
||||
# AppFlowy Indexer
|
||||
APPFLOWY_INDEXER_ENABLED=true
|
||||
APPFLOWY_INDEXER_DATABASE_URL=postgres://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres
|
||||
APPFLOWY_INDEXER_REDIS_URL=redis://redis:6379
|
||||
APPFLOWY_INDEXER_DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
|
||||
APPFLOWY_INDEXER_REDIS_URL=redis://${REDIS_HOST}:${REDIS_PORT}
|
||||
|
||||
# AppFlowy Collaborate
|
||||
APPFLOWY_COLLABORATE_MULTI_THREAD=false
|
||||
APPFLOWY_COLLABORATE_REMOVE_BATCH_SIZE=100
|
||||
|
||||
# AppFlowy Worker
|
||||
APPFLOWY_WORKER_REDIS_URL=redis://redis:6379
|
||||
APPFLOWY_WORKER_DATABASE_URL=postgres://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres
|
||||
APPFLOWY_WORKER_REDIS_URL=redis://${REDIS_HOST}:${REDIS_PORT}
|
||||
APPFLOWY_WORKER_DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
|
||||
|
||||
# AppFlowy Web
|
||||
APPFLOWY_WEB_URL=http://localhost:3000
|
||||
|
|
|
|||
|
|
@ -32,6 +32,8 @@ services:
|
|||
- POSTGRES_DB=${POSTGRES_DB:-postgres}
|
||||
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-password}
|
||||
- POSTGRES_HOST=${POSTGRES_HOST:-postgres}
|
||||
- SUPABASE_USER=${SUPABASE_USER:-supabase_auth_admin}
|
||||
- SUPABASE_PASSWORD=${SUPABASE_PASSWORD:-root}
|
||||
volumes:
|
||||
- ./migrations/before:/docker-entrypoint-initdb.d
|
||||
- postgres_data:/var/lib/postgresql/data
|
||||
|
|
@ -91,7 +93,7 @@ services:
|
|||
- RUST_LOG=${RUST_LOG:-info}
|
||||
- APPFLOWY_ENVIRONMENT=production
|
||||
- APPFLOWY_DATABASE_URL=${APPFLOWY_DATABASE_URL}
|
||||
- APPFLOWY_REDIS_URI=redis://redis:6379
|
||||
- APPFLOWY_REDIS_URI=${APPFLOWY_REDIS_URI}
|
||||
- APPFLOWY_GOTRUE_JWT_SECRET=${GOTRUE_JWT_SECRET}
|
||||
- APPFLOWY_GOTRUE_JWT_EXP=${GOTRUE_JWT_EXP}
|
||||
- APPFLOWY_GOTRUE_BASE_URL=${APPFLOWY_GOTRUE_BASE_URL}
|
||||
|
|
|
|||
|
|
@ -1,37 +0,0 @@
|
|||
-- Add migration script here
|
||||
-- Create the anon and authenticated roles if they don't exist
|
||||
CREATE OR REPLACE FUNCTION create_roles(roles text []) RETURNS void LANGUAGE plpgsql AS $$
|
||||
DECLARE role_name text;
|
||||
BEGIN FOREACH role_name IN ARRAY roles LOOP IF NOT EXISTS (
|
||||
SELECT 1
|
||||
FROM pg_roles
|
||||
WHERE rolname = role_name
|
||||
) THEN EXECUTE 'CREATE ROLE ' || role_name;
|
||||
END IF;
|
||||
END LOOP;
|
||||
END;
|
||||
$$;
|
||||
SELECT create_roles(ARRAY ['anon', 'authenticated']);
|
||||
|
||||
-- Create supabase_admin user if it does not exist
|
||||
DO $$ BEGIN IF NOT EXISTS (
|
||||
SELECT
|
||||
FROM pg_catalog.pg_roles
|
||||
WHERE rolname = 'supabase_admin'
|
||||
) THEN CREATE USER supabase_admin LOGIN CREATEROLE CREATEDB REPLICATION BYPASSRLS;
|
||||
END IF;
|
||||
END $$;
|
||||
-- Create supabase_auth_admin user if it does not exist
|
||||
DO $$ BEGIN IF NOT EXISTS (
|
||||
SELECT
|
||||
FROM pg_catalog.pg_roles
|
||||
WHERE rolname = 'supabase_auth_admin'
|
||||
) THEN CREATE USER supabase_auth_admin BYPASSRLS NOINHERIT CREATEROLE LOGIN NOREPLICATION PASSWORD 'root';
|
||||
END IF;
|
||||
END $$;
|
||||
-- Create auth schema if it does not exist
|
||||
CREATE SCHEMA IF NOT EXISTS auth AUTHORIZATION supabase_auth_admin;
|
||||
-- Grant permissions
|
||||
GRANT CREATE ON DATABASE postgres TO supabase_auth_admin;
|
||||
-- Set search_path for supabase_auth_admin
|
||||
ALTER USER supabase_auth_admin SET search_path = 'auth';
|
||||
|
|
@ -0,0 +1,45 @@
|
|||
#!/usr/bin/bash
|
||||
set -e
|
||||
|
||||
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
|
||||
-- Create the anon and authenticated roles if they don't exist
|
||||
CREATE OR REPLACE FUNCTION create_roles(roles text []) RETURNS void LANGUAGE plpgsql AS \$\$
|
||||
DECLARE role_name text;
|
||||
BEGIN FOREACH role_name IN ARRAY roles LOOP IF NOT EXISTS (
|
||||
SELECT 1
|
||||
FROM pg_roles
|
||||
WHERE rolname = role_name
|
||||
) THEN EXECUTE 'CREATE ROLE ' || role_name;
|
||||
END IF;
|
||||
END LOOP;
|
||||
END;
|
||||
\$\$;
|
||||
SELECT create_roles(ARRAY ['anon', 'authenticated']);
|
||||
|
||||
-- Create supabase_admin user if it does not exist
|
||||
DO \$\$ BEGIN IF NOT EXISTS (
|
||||
SELECT
|
||||
FROM pg_catalog.pg_roles
|
||||
WHERE rolname = 'supabase_admin'
|
||||
) THEN CREATE USER supabase_admin LOGIN CREATEROLE CREATEDB REPLICATION BYPASSRLS;
|
||||
END IF;
|
||||
END \$\$;
|
||||
|
||||
-- Create supabase_auth_admin user if it does not exist
|
||||
DO \$\$ BEGIN IF NOT EXISTS (
|
||||
SELECT
|
||||
FROM pg_catalog.pg_roles
|
||||
WHERE rolname = '$SUPABASE_USER'
|
||||
) THEN CREATE USER "$SUPABASE_USER" BYPASSRLS NOINHERIT CREATEROLE LOGIN NOREPLICATION PASSWORD '$SUPABASE_PASSWORD';
|
||||
END IF;
|
||||
END \$\$;
|
||||
|
||||
-- Create auth schema if it does not exist
|
||||
CREATE SCHEMA IF NOT EXISTS auth AUTHORIZATION $SUPABASE_USER;
|
||||
|
||||
-- Grant permissions
|
||||
GRANT CREATE ON DATABASE postgres TO $SUPABASE_USER;
|
||||
|
||||
-- Set search_path for supabase_auth_admin
|
||||
ALTER USER $SUPABASE_USER SET search_path = 'auth';
|
||||
EOSQL
|
||||
Loading…
Reference in New Issue